Chapter 12. Authentication and Authorization

Something important arises at just about this point in your application design and creation. You have four, five, maybe more core pieces of functionality in place to add users, upload photos, and so on. You have a few tables set up in which to store data. You have most of your application’s central components built, and even though it’s still a simple application, you have a sense of where you’re going. And then, in the previous chapter, you added a new piece of functionality: the ability to delete users. It seems like just another feature; just another user requirement to tick off the list. But, wait a second…deleting users? Is that something that you want to offer to all of your users? Of course not. That’s an administrative feature. (You might even remember from Building a Simple Admin Page that an early candidate for the name of delete_user.php was admin.php.)

An administrator, of course, is someone who has the responsibility—and more importantly, the capability (and authority)—to manage user accounts and take care of the application on an overarching level. Unfortunately, your application doesn’t know that yet. As far as it’s concerned, there’s no such thing as an administrator. Right now, anyone can hop over to delete_user.php and nuke poor Ryan Geyer, or Robert Powell, or whoever else has signed up through create_user.html, with nothing more than a confirmation box standing between them and digital oblivion. ...
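The gap the chapter describes is a missing authorization check: delete_user.php acts on any request that reaches it, so the only thing protecting an account is a confirmation dialog that runs in the visitor's browser. The snippet below is an added example, not code from the book, showing the shape of the fix. It assumes (hypothetically, since the page does not show them) that the login code stores the logged-in user's id in `$_SESSION['user_id']`, that the users table has an `is_admin` column, and that the page already has a PDO connection; the placeholder credentials are constructed.

```php
<?php
// Added example (not from the book): gate an admin-only script such as
// delete_user.php behind an authenticated, authorized session.
// Assumptions, not from the page: $_SESSION['user_id'] is set at login,
// users has an is_admin TINYINT column, and the DSN/credentials below
// are placeholders for the application's own connection settings.

session_start();
$pdo = new PDO('mysql:host=localhost;dbname=APP_DB_PLACEHOLDER',
               'DB_USER_PLACEHOLDER', 'DB_PASSWORD_PLACEHOLDER',
               [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);

function current_user_is_admin(PDO $pdo): bool
{
    if (empty($_SESSION['user_id'])) {
        return false;                        // not logged in at all
    }
    // Re-read the role on every request instead of trusting a flag cached
    // in the session, so a demotion takes effect immediately.
    $stmt = $pdo->prepare('SELECT is_admin FROM users WHERE user_id = ?');
    $stmt->execute([$_SESSION['user_id']]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row !== false && (int) $row['is_admin'] === 1;
}

function require_admin(PDO $pdo): void
{
    if (!current_user_is_admin($pdo)) {
        // Deny by default: nothing below this line runs for non-admins.
        http_response_code(403);
        exit('You are not authorized to view this page.');
    }
}

// Before: the script trusts whoever clicked "OK" in the confirmation box.
//   $stmt = $pdo->prepare('DELETE FROM users WHERE user_id = ?');
//   $stmt->execute([$_REQUEST['user_id']]);

// After: authenticate and authorize on the server, then require POST so a
// plain link or a prefetched GET can never delete an account.
require_admin($pdo);
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('Deletions must be submitted with POST.');
}
$stmt = $pdo->prepare('DELETE FROM users WHERE user_id = ?');
$stmt->execute([(int) $_POST['user_id']]);
```

The confirmation box can stay for usability, but it is never the control: the server decides who may delete, and it decides on every request.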

Get PHP & MySQL: The Missing Manual, 2nd Edition now with the O’Reilly learning platform.
